Lucene search
+L

6309 matches found

ics
ics
added 2026/06/25 5:0 a.m.10 views

EVoke Systems Charging Station Management System

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

9.4CVSS5.9AI score0.00378EPSS
Exploits0References11
cve
cve
added 2026/06/24 9:17 p.m.23 views

CVE-2026-54069

SiYuan Note

9.2CVSS5.9AI score0.00607EPSS
Exploits0References1
nvd
nvd
added 2026/06/24 9:16 p.m.12 views

CVE-2026-33543

FOSSBilling is a free, open-source billing and client management system. Versions 0.7.2 and prior expose a guest API endpoint, /api/guest/staff/create, intended for initial administrator bootstrap. Due to a flawed admin-existence check, the endpoint remains usable after an administrator already...

9.3CVSS0.00289EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/24 8:57 p.m.5 views

CVE-2026-45689

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, an unauthenticated network attacker obtains a valid Rocket.Chat OAuth access token for an arbitrary user by sending a single HTTP POST with...

9.1CVSS6.1AI score0.00308EPSS
Exploits0References2Affected Software1
osv
osv
added 2026/06/24 8:57 p.m.4 views

CVE-2026-45689 Rocket.Chat: Pre-Auth NoSQL Injection in OAuth2 Token Endpoint leading to Arbitrary User ATO

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, an unauthenticated network attacker obtains a valid Rocket.Chat OAuth access token for an arbitrary user by sending a single HTTP POST with...

9.1CVSS6.1AI score0.00308EPSS
Exploits0References3
cve
cve
added 2026/06/24 8:57 p.m.29 views

CVE-2026-45689

Summary: Rocket.Chat prior to versions 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11 is affected by a pre-auth NoSQL injection at the OAuth2 token endpoint. An unauthenticated attacker can send a crafted HTTP POST to /oauth/token using MongoDB query operators, bypassing grant-para...

9.1CVSS6.1AI score0.00308EPSS
Exploits0References1
euvd
euvd
added 2026/06/24 5:17 p.m.8 views

EUVD-2026-39009

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. From 1.11.1 until 1.14.1, userId/workspaceId scoping to the parsed-files read/delete paths was added. However, the POST /api/workspace/:slug/embed-parsed-file/:fileId flow...

5.9AI score0.00236EPSS
Exploits0References3
cvelist
cvelist
added 2026/06/24 5:17 p.m.36 views

CVE-2026-55611 AnythingLLM: embed-parsed-file cleanup deletes any parsed file by ID without ownership scoping (cross-tenant IDOR deletion)

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. From 1.11.1 until 1.14.1, userId/workspaceId scoping to the parsed-files read/delete paths was added. However, the POST /api/workspace/:slug/embed-parsed-file/:fileId flow...

0.00236EPSS
Exploits0References3
euvd
euvd
added 2026/06/24 11:53 a.m.8 views

EUVD-2026-38737

Capgo before 12.128.2 contains a cross-domain SSO account takeover vulnerability in the provision-user endpoint that allows attackers to merge arbitrary victim accounts based on email match without validating SSO provider domain authorization. An attacker with enterprise org admin access and a...

9.3CVSS6AI score0.00244EPSS
Exploits0References2
euvd
euvd
added 2026/06/24 5:33 a.m.9 views

EUVD-2026-38681

The 24liveblog - live blog tool plugin for WordPress is vulnerable to Exposure of Sensitive Information in versions up to, and including, 2.2. This is due to the lb24blockenqueuescripts function being hooked to enqueueblockeditorassets and, for any non-administrator user, falling back to loading...

4.3CVSS5.8AI score0.0021EPSS
Exploits0References3
cvelist
cvelist
added 2026/06/23 7:40 p.m.50 views

CVE-2026-12112 Foreman-mcp-server: mcp server: active session hijacking via insecure session state reuse

A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active administrative sessions due to an improper cache of authenticated client connections, by trusting a non-secret session ID without re-validating...

7.8CVSS0.00153EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/06/23 1:48 p.m.6 views

CVE-2026-35019 NetComm NF20MESH < R6B032 Hardcoded AES Key Authentication Bypass

NetComm NF20MESH routers running firmware R6B031 and earlier contain an authentication bypass vulnerability that allows unauthenticated attackers to gain administrative access by exploiting a hardcoded AES-256 key used to encrypt session cookies for the web management interface. Attackers can for...

9.2CVSS5.9AI score0.00431EPSS
Exploits0References4
cve
cve
added 2026/06/23 1:48 p.m.37 views

CVE-2026-35019

NetComm NF20MESH routers with firmware R6B031 and earlier are affected by an authentication bypass in the web management interface. The root cause is a hardcoded AES-256 key used to encrypt session cookies; an attacker can forge a valid encrypted cookie with the shared key to bypass authenticatio...

9.2CVSS5.9AI score0.00431EPSS
Exploits0References4
github
github
added 2026/06/22 5:10 p.m.9 views

motionEye has an Arbitrary File Read via Path Traversal in Picture/Movie Preview Endpoint

Summary motionEye v0.43.1 latest stable is vulnerable to path traversal in the picture and movie API endpoints, like /picture/id/preview/filename. Neither the API handlers, nor the mediafiles.py functions like getmediapreview check for .. sequences in the filename parameter, except getmediaconten...

6.5CVSS5.9AI score0.00418EPSS
Exploits0References2Affected Software1
attackerkb
attackerkb
added 2026/06/22 8:10 a.m.5 views

CVE-2025-4994

The SafeLine SL6 and SL6+ devices integrated into elevator emergency intercom systems are vulnerable to an authentication bypass. This vulnerability allows attackers to bypass authentication requirements and access the device's configuration service via the Bluetooth Low Energy BLE interface...

8.7CVSS5.9AI score0.00207EPSS
Exploits0References2Affected Software1
cve
cve
added 2026/06/22 8:10 a.m.23 views

CVE-2025-4994

CVE-2025-4994 affects SafeLine SL6 and SL6+ devices used in elevator emergency intercoms. A BLE-facing authentication bypass allows an attacker within wireless range to obtain unauthorized administrative access to the device configuration. Documented impact includes high affects on confidentialit...

8.7CVSS5.9AI score0.00207EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/22 8:10 a.m.43 views

CVE-2025-4994 Authentication Bypass for SafeLine SL6 and SL6+

The SafeLine SL6 and SL6+ devices integrated into elevator emergency intercom systems are vulnerable to an authentication bypass. This vulnerability allows attackers to bypass authentication requirements and access the device's configuration service via the Bluetooth Low Energy BLE interface...

8.7CVSS0.00207EPSS
Exploits0References1
nvd
nvd
added 2026/06/22 3:16 a.m.17 views

CVE-2026-8918

A permissive list of allowed inputs in ASUS Armoury Crate allows a local administrator to perform arbitrary memory read/write operations or cause a system crash BSOD by bypassing the validation mechanism.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security Advisory...

7.1CVSS0.00224EPSS
Exploits0References1
cve
cve
added 2026/06/21 1:26 p.m.23 views

CVE-2026-56381

Craft CMS (version 5.0.0-RC1) has a stored XSS vulnerability in the User Permissions page. The issue arises because user group names are rendered without HTML escaping, allowing attackers with admin access to inject arbitrary JavaScript via the user group name field. The injected script executes ...

4.8CVSS5.8AI score0.00148EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/21 1:26 p.m.31 views

CVE-2026-56381 Craft CMS - Stored XSS via User Group Name in User Permissions Page

Craft CMS from version 5.0.0-RC1 contains a stored cross-site scripting vulnerability in the User Permissions page where user group names are rendered without proper HTML escaping. Attackers with admin access can inject arbitrary JavaScript via the user group name field that executes when other...

4.8CVSS0.00148EPSS
Exploits0References2
Rows per page
Query Builder